|
@@ -1,37 +1,12 @@
|
|
|
#!/usr/bin/lua
|
|
|
|
|
|
-local site = require 'gluon.site_config'
|
|
|
local sysconfig = require 'gluon.sysconfig'
|
|
|
+local sysctl = require 'gluon.sysctl'
|
|
|
local util = require 'gluon.util'
|
|
|
|
|
|
local uci = require('simple-uci').cursor()
|
|
|
|
|
|
|
|
|
-local ip4, ip6
|
|
|
-
|
|
|
-if site.next_node.ip4 then
|
|
|
- local plen = site.prefix4:match('/%d+$')
|
|
|
- ip4 = site.next_node.ip4 .. plen
|
|
|
-end
|
|
|
-
|
|
|
-if site.next_node.ip6 then
|
|
|
- ip6 = site.next_node.ip6 .. '/128'
|
|
|
-end
|
|
|
-
|
|
|
-uci:section('network', 'interface', 'client', {
|
|
|
- type = 'bridge',
|
|
|
- proto = 'static',
|
|
|
- macaddr = site.next_node.mac,
|
|
|
- ipaddr = ip4,
|
|
|
- ip6addr = ip6,
|
|
|
-})
|
|
|
-
|
|
|
-uci:delete('network', 'client', 'reqprefix')
|
|
|
-uci:delete('network', 'client', 'peerdns')
|
|
|
-uci:delete('network', 'client', 'sourcefilter')
|
|
|
-uci:delete('network', 'client', 'netmask')
|
|
|
-
|
|
|
-
|
|
|
local interfaces = uci:get('network', 'client', 'ifname') or {}
|
|
|
|
|
|
if type(interfaces) == 'string' then
|
|
@@ -48,11 +23,31 @@ if sysconfig.lan_ifname and not ifname and not uci:get_bool('network', 'mesh_lan
|
|
|
end
|
|
|
end
|
|
|
|
|
|
-uci:set_list('network', 'client', 'ifname', interfaces)
|
|
|
+uci:delete('network', 'client')
|
|
|
+uci:section('network', 'interface', 'client', {
|
|
|
+ type = 'bridge',
|
|
|
+ ifname = interfaces,
|
|
|
+ proto = 'none',
|
|
|
+ auto = true,
|
|
|
+ ipv6 = false,
|
|
|
+ macaddr = sysconfig.primary_mac,
|
|
|
+})
|
|
|
|
|
|
uci:save('network')
|
|
|
|
|
|
|
|
|
+uci:delete('firewall', 'client')
|
|
|
+uci:section('firewall', 'zone', 'client', {
|
|
|
+ name = 'client',
|
|
|
+ network = {'client'},
|
|
|
+ input = 'DROP',
|
|
|
+ output = 'DROP',
|
|
|
+ forward = 'DROP',
|
|
|
+})
|
|
|
+
|
|
|
+uci:save('firewall')
|
|
|
+
|
|
|
+
|
|
|
local dnsmasq = uci:get_first('dhcp', 'dnsmasq')
|
|
|
uci:set('dhcp', dnsmasq, 'boguspriv', false)
|
|
|
uci:set('dhcp', dnsmasq, 'localise_queries', false)
|
|
@@ -65,3 +60,6 @@ uci:section('dhcp', 'dhcp', 'client', {
|
|
|
})
|
|
|
|
|
|
uci:save('dhcp')
|
|
|
+
|
|
|
+
|
|
|
+sysctl.set('net.ipv6.conf.br-client.forwarding', 0)
|